Report - gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

Report Overview

Submitted URL
gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1
IP
203.195.137.159
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited
Submitted
2022-10-07 21:11:27
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - DHL

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.46.140
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	673 B	8.6 kB	151.101.85.229
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	293 B	34 kB	142.250.74.42
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	31 kB	69.16.175.42
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ipinfo.io	8136	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	624 B	965 B	34.117.59.81
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	690 B	1.4 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
gxjjcn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	581 kB	203.195.137.159

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/js.cookie.js	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/jquery-lang.js	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/load.php	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/DHL_footer.html	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/DHL_head.html	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/langpack/en.json	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/langpack/en.json	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/DHL_track.html	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/jquery.validate.min.js	Phishing
2022-10-07	medium	gxjjcn.com/hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed
2022-10-07	medium	gxjjcn.com	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	gxjjcn.com/hyi/-/dir/dist/js.cookie.js	3.4 kB	2023-03-07	2024-04-03
Pretty URL gxjjcn.com/hyi/-/dir/dist/js.cookie.js IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-03 07:26:38 Times Seen469 Hash 19d988c6d1e7cd9d601639a616dc769b 2cf3f170a083a3e4538a6f55b1064eaf737f6180 9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	1.8 kB	2023-03-07	2023-04-05
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-04-05 02:10:37 Times Seen37 Hash 9ddee2a191326dc2605ceb1cc094990b d422115883d943f7449a253f252a830efdfeee71 c8504d5af9e4a9db87d3b945f0a2d75188098d24a3f87e99dcb7c01b98bd4029 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	1.4 kB	2023-03-07	2023-04-05
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2023-04-05 02:10:37 Times Seen37 Hash 5329f7468d15783c00be6fe3f9b06b32 34a468c9ba09e58351afa6c0021e454245699815 6ebae2c4b8815818d94884a0939c122eb1b81a1b17add5fda8aa0904aa81025b Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	1.5 kB	2023-03-08	2024-04-03
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:35:52 Last Seen2024-04-03 07:26:38 Times Seen126 Hash 333b1a68e11af5c6f3517aca58a09c79 e4116574c2f340348c8c29c326d55cdbec6f38dd 938c892b8d5aa6c4f123664ee91c8e209fc873138b56a722ff1a08a002e3f473 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	629 B	2023-03-07	2024-04-10
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-10 07:44:44 Times Seen193 Hash 40caf4b9db3eeb421d7639f1c1cb39e0 d0afc8f3fef2cf87946a0eca6461a4a2d55a5680 4443f9401c6a316d9ac2cb120686003f32a7933a52b29894609185f058a5308e Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	2.1 kB	2023-03-08	2023-03-13
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:35:52 Last Seen2023-03-13 17:25:02 Times Seen1 Hash b872933199f244e108c78018003794e1 544b2296812e60b439513f2cb4caf0ded58b90d8 e36be88f1ec25f275ccd5b146207ba6c67934d10a54659c2aebe3f348366c6b3 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-17 06:13:04 Times Seen16759 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	1.0 kB	2023-03-07	2024-04-07
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-07 07:13:32 Times Seen66 Hash 1d175bf3c30c7a41b8f0f6c60e2fcefc 1e1ac5cb8a33370b0eff734a461cf2bae98e1244 4323901acf3473e6164e79dcb144d4c5f97709819c0c572056c09174aa78dce9 Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js	21 kB	2023-03-07	2024-04-18
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 02:13:43 Times Seen5863 Hash 1022eaf388cc780bcfeb6456157adb7d 313789ca0e31b654784dbba8b0f83f364f8683b4 fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 01:58:41 Times Seen137771 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	gxjjcn.com/hyi/-/dir/dist/jquery-lang.js	28 kB	2023-03-07	2024-04-03
Pretty URL gxjjcn.com/hyi/-/dir/dist/jquery-lang.js IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-03 07:26:38 Times Seen476 Hash 1062fb1e2ffb1b8b6c596da423b9aef6 e0f54f2cdfce6d3861506744d6c52fbc23f612e9 67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	5 B	2023-03-07	2024-04-17
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-17 21:54:17 Times Seen2663 Hash 230a091930a82c5ae47e29610ee98ceb 6376b33e5123bf09a271789a272103f957c8f38d 4dc501d66cd78903b81b1a53459d0432939728c537bbe9ffab55ab81521cb352 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	24 kB	2023-03-07	2023-04-05
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-04-05 02:10:37 Times Seen48 Hash be2688fe29eb5135f6f36c94e2e53820 15364bc930a8e0f87a09b5aa645a312984a9da73 0ca6e9d89d18b037dcce799d02a32f53aca9497adba83f93ea6d8751fe2fa217 Loading...

	gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1	9 B	2023-03-07	2024-04-18
Pretty URL gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 IP 203.195.137.159 ASN #45090 Shenzhen Tencent Computer Systems Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 02:09:17 Times Seen16006 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

HTTP Transactions (44)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3oWokM5rQ4myJLXBqp7sKRFUSHIILBtLhwB7LkzejvQbzR5T3-yujg==
Age: 192227

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7606
Expires: Fri, 07 Oct 2022 23:17:52 GMT
Date: Fri, 07 Oct 2022 21:11:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6121
Expires: Fri, 07 Oct 2022 22:53:07 GMT
Date: Fri, 07 Oct 2022 21:11:06 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TQaKz4KtkuAdcVn7j+QCG3rkjRFXbl6lRBzARkY/V/zVi51+33jY5QaIVw024xPaKzSfv4r2/Cw=
x-amz-request-id: ZFV942HKY2GZ1RG6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 20:59:19 GMT
age: 707
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

203.195.137.159

200 OK

1.9 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.9 kB (1917 bytes)
Hash
ac663b6b2014a63c2d60f68d0b2e201a
e90553ea100be3c4e570dba5e5f6626aa5de94f9
94d60149ca27c4663d089612ffff0ccdc303f89e80ef688b5f6a3532c436f4d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1 HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:06 GMT
Content-Type: text/html
Last-Modified: Fri, 07 Oct 2022 07:56:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fdb9f-1f52"
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 21:11:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.42

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 07 Oct 2022 11:23:22 GMT
Expires: Sat, 07 Oct 2023 11:23:22 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 35264

code.jquery.com/jquery-3.5.1.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gxjjcn.com
Connection: keep-alive
Referer: http://gxjjcn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 07 Oct 2022 21:11:06 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665177066.dop227.sk1.t,1665177066.cds201.sk1.hn,1665177066.cds208.sk1.c
X-Firefox-Spdy: h2

gxjjcn.com/hyi/-/dir/dist/js.cookie.js

203.195.137.159

200 OK

1.5 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/js.cookie.js
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
ASCII text
Size
1.5 kB (1459 bytes)
Hash
c2b8a5ec7feab55c9367484bf1a827b8
3235843155f4895895a3c82bc486cb7cf04d0293
462e9b036ef7da2ce8ac4afce22db9f437fd7a061a643e885acf303acfe23600

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/js.cookie.js HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:06 GMT
Content-Type: application/javascript
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-d60"
Expires: Sat, 08 Oct 2022 09:11:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 21:09:35 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 21:20:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vg7asX_ONfDF8o6uPEFAf8K7URRajNR9ZUwpf5VlJdMDq-UrWiTLPQ==
Age: 2485

gxjjcn.com/hyi/-/dir/dist/jquery-lang.js

203.195.137.159

200 OK

8.0 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/jquery-lang.js
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
ASCII text
Size
8.0 kB (8035 bytes)
Hash
ea15f345d5b4c6c29679113a0760a048
efc848d46e044e487d28df111e35cc84baf2be95
eb82846df5ab3495a4aa3567562bb43dc52983f808f0d0dd15e4950f3a259068

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/jquery-lang.js HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:06 GMT
Content-Type: application/javascript
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-6c2d"
Expires: Sat, 08 Oct 2022 09:11:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 21:11:06 GMT
Last-Modified: Fri, 07 Oct 2022 20:01:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.46.140

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.46.140:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Phua1XliGJHmdO1K40OT8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D3Vv3GAC/WHPszQt41wlQ6TROBM=

gxjjcn.com/hyi/-/dir/dist/dhl.css

203.195.137.159

200 OK

364 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/dhl.css
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size
364 kB (363584 bytes)
Hash
1173a779603e4bb35745ed92a25a1ad7
5a922c9e379676611381e2fa5fdff353b1823a89
b71c0c9eda07ed2f929ddfd5e3ca9c3919a122d8297785834dafffa3c6611c35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/dhl.css HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:06 GMT
Content-Type: text/css
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-15b189"
Expires: Sat, 08 Oct 2022 09:11:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

gxjjcn.com/hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff

203.195.137.159

200 OK

41 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41084 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:07 GMT
Content-Type: font/woff
Content-Length: 41084
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a07c"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/load.php

203.195.137.159

200 OK

1.2 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/load.php
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1178 bytes)
Hash
c81ab15c01444ca14ab575ec887e6efd
336c0c787532534fbe935279de0e263c87dbe683
486bf42cfcdaa1a4fb885273935636932da78691aaabc36ecf2209bfe917972e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/load.php HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.5
Content-Encoding: gzip

gxjjcn.com/hyi/-/dir/dist/DHL_footer.html

203.195.137.159

200 OK

6.3 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/DHL_footer.html
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Size
6.3 kB (6310 bytes)
Hash
9af4e72c1ec135c251cce7c69fdc5a13
ed1fe1cc1ab66866578add655566d3da7a1049ef
6dfde0dd027711b3e162b91f9fd092ac5d7ac4a8342621c70d0a518bde927c64

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/DHL_footer.html HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:07 GMT
Content-Type: text/html
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-3c69"
Content-Encoding: gzip

gxjjcn.com/hyi/-/dir/dist/DHL_head.html

203.195.137.159

200 OK

3.4 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/DHL_head.html
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Size
3.4 kB (3449 bytes)
Hash
98b5839a1b1be9e91833d552215700f1
3949372c264253e08d55dfb1c088072aa6a98afd
f379aba84f69f335ce51665341f2fa7841e2785d4eb450e61e5b7a009fadc071

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/DHL_head.html HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:07 GMT
Content-Type: text/html
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-2d05"
Content-Encoding: gzip

ipinfo.io/country

34.117.59.81

302 Found

72 B

URL HTTP/1.1
ipinfo.io/country
IP
34.117.59.81:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
b79f12127b13f3298b65130f55033eea
0c5df3d4734c5d754f78df4dd08f329ce38ab901
76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0

HTTP Headers

GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxjjcn.com/
Origin: http://gxjjcn.com
Connection: keep-alive

HTTP/1.1 302 Found
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
date: Fri, 07 Oct 2022 21:11:08 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google

ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
54f07675920c23e7a89e2abbd204f031
3ea3f44fa29a7ee5395cba89abf6a802fdaea82e
19a1a84e718a5c1ffda6b3887c280139acf280534e5c298b4a0c89ea61b92d07

HTTP Headers

POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 21:11:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gxjjcn.com/hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff

203.195.137.159

200 OK

44 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size
44 kB (44260 bytes)
Hash
4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: font/woff
Content-Length: 44260
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-ace4"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/langpack/en.json

203.195.137.159

200 OK

514 B

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/langpack/en.json
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
JSON data\012- , ASCII text
Size
514 B (514 bytes)
Hash
e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/langpack/en.json HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: application/json
Content-Length: 514
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-202"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/langpack/en.json

203.195.137.159

200 OK

514 B

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/langpack/en.json
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
JSON data\012- , ASCII text
Size
514 B (514 bytes)
Hash
e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/langpack/en.json HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: application/json
Content-Length: 514
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-202"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 21:11:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 21:11:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 21:11:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 21:11:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13437 bytes)
Hash
16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 84223
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8445 bytes)
Hash
4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 82931
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7261 bytes)
Hash
ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 84448
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10987 bytes)
Hash
53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 82938
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccc2005-2e35-42eb-8f79-f2155e9eb404.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8050 bytes)
Hash
0611d96a8a76ee2b104a70372860f979
579dea2edcf3f3fa3e18530d1f254132589a2f6b
70996e9eb0aac2a5befff12fd63c57c5120f59e061af60b60c975694307a6be3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccc2005-2e35-42eb-8f79-f2155e9eb404.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8050
x-amzn-requestid: 7332406c-4a06-4c0d-a4c3-d59e089b511d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJw3jHaooAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333c830-4513d4852dc064a812c23cea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 04:06:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ytF_TxhiRg0wYUJod7-t0FEv_p7EkIXJNe2rygTGxW6TnebbTy8DCw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:18:59 GMT
age: 82329
etag: "579dea2edcf3f3fa3e18530d1f254132589a2f6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9046 bytes)
Hash
7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 84448
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
54f07675920c23e7a89e2abbd204f031
3ea3f44fa29a7ee5395cba89abf6a802fdaea82e
19a1a84e718a5c1ffda6b3887c280139acf280534e5c298b4a0c89ea61b92d07

HTTP Headers

POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 21:11:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gxjjcn.com/hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff

203.195.137.159

200 OK

41 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size
41 kB (41328 bytes)
Hash
e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: font/woff
Content-Length: 41328
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a170"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff

203.195.137.159

200 OK

9.3 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Size
9.3 kB (9316 bytes)
Hash
9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: font/woff
Content-Length: 9316
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-2464"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/favicon.ico

203.195.137.159

200 OK

1.2 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/favicon.ico
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/favicon.ico HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:08 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-47e"
Accept-Ranges: bytes

gxjjcn.com/hyi/-/dir/dist/DHL_track.html

203.195.137.159

200 OK

2.6 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/DHL_track.html
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (356)
Size
2.6 kB (2573 bytes)
Hash
0c7b7259abc46422f5d830687bbb0c84
4cc31e593f4c41166236fbf37b5bb4c88364df30
dbde243b328fc1c7a707a8144a98cb359facd0102c53d176abafc80b8b4748a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/DHL_track.html HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:09 GMT
Content-Type: text/html
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-196f"
Content-Encoding: gzip

gxjjcn.com/hyi/-/dir/dist/jquery.validate.min.js

203.195.137.159

200 OK

8.8 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/jquery.validate.min.js
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
8.8 kB (8756 bytes)
Hash
0aa2ca51109290ccf21ac5217babbbe1
7ea8f79d4df043f4cdd4db3bfeffe30787c21c5b
c157bb061310123c090432240fdb79e6c6f5cd8a4501a87a72495cbe1f593a7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/jquery.validate.min.js HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/8252964daab15ccfc8fec43b66dae14b/execution.html?validation=e1s1
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:10 GMT
Content-Type: application/javascript
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-5f38"
Expires: Sat, 08 Oct 2022 09:11:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

151.101.85.229

301 Moved Permanently

0 B

URL HTTP/1.1
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Accept-Ranges: bytes
Date: Fri, 07 Oct 2022 21:11:10 GMT
X-Served-By: cache-bma1645-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

151.101.85.229

200 OK

7.5 kB

URL HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21060)
Size
7.5 kB (7503 bytes)
Hash
1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gxjjcn.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 21:11:10 GMT
age: 11467275
x-served-by: cache-fra19126-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
1794add4e11ae1cfefa363b5465d7a5c
46337e87fc0c99dce84e916b0d2819897d176dc5
e57ae55c741c96d1fd01f56c2d82af992b0bfd8b497a3c39ebc1a317f62ffd50

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 21:11:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4EB7B9B0DA0B0C8534B5EDE65561578186CFE737"
Expires: Sat, 08 Oct 2022 08:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 456
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7569a0b258560afe-OSL

gxjjcn.com/hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff

203.195.137.159

200 OK

41 kB

URL HTTP/1.1
gxjjcn.com/hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP
203.195.137.159:0
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

File type
Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size
41 kB (41352 bytes)
Hash
4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: gxjjcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css
Cookie: langCookie=en

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 21:11:10 GMT
Content-Type: font/woff
Content-Length: 41352
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a188"
Accept-Ranges: bytes

ipinfo.io/country

34.117.59.81

429 Too Many Requests

0 B

URL HTTP/2
ipinfo.io/country
IP
34.117.59.81:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://gxjjcn.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 429 Too Many Requests
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Fri, 07 Oct 2022 21:11:08 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations